Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo

Enterprise Application Platform

Jboss EAP

The JBoss Enterprise Application Platform is a subscription-based/open-source Java EE-based application server runtime platform used for building deploying and hosting highly-transactional Java applications and services developed and maintained by Red Hat

Official Site:

https://www.redhat.com/en/technologies/jboss-middleware/application-platform

Severity Summary:

Critical: 34 High: 77 Medium: 101 Low: 16
Reference
Title
Severity
CVE-2019-16335
Jboss EAP Deserialization of Untrusted Data Vulnerability
Critical
CVE-2016-2141
Jboss EAP Permissions Privileges and Access Controls Vulnerability
Critical
CVE-2019-17267
Jboss EAP Deserialization of Untrusted Data Vulnerability
Critical
CVE-2017-7525
Jboss EAP Deserialization of Untrusted Data Vulnerability
Critical
CVE-2017-15095
Jboss EAP Deserialization of Untrusted Data Vulnerability
Critical
CVE-2017-12629
Jboss EAP Improper Restriction of XML External Entity Reference Vulnerability
Critical
CVE-2015-7501
Jboss EAP Deserialization of Untrusted Data Vulnerability
Critical
CVE-2017-17485
Jboss EAP Deserialization of Untrusted Data Vulnerability
Critical
CVE-2017-12149
Jboss EAP Deserialization of Untrusted Data Vulnerability
Critical
CVE-2016-3690
Jboss EAP Deserialization of Untrusted Data Vulnerability
Critical
CVE-2017-7503
Jboss EAP Improper Restriction of XML External Entity Reference Vulnerability
Critical
CVE-2018-8088
Jboss EAP Vulnerability
Critical
CVE-2017-7465
Jboss EAP Improper Control of Generation of Code (Code Injection) Vulnerability
Critical
CVE-2017-7504
Jboss Deserialization of Untrusted Data Vulnerability
Critical
CVE-2022-4492
Jboss EAP Vulnerability
Critical
CVE-2019-20445
Jboss EAP Inconsistent Interpretation of HTTP Requests (HTTP Request Smuggling) Vulnerability
Critical
CVE-2019-20444
Jboss EAP Inconsistent Interpretation of HTTP Requests (HTTP Request Smuggling) Vulnerability
Critical
CVE-2019-17531
Jboss EAP Deserialization of Untrusted Data Vulnerability
Critical
CVE-2016-5018
Jboss EAP Vulnerability
Critical
CVE-2019-3873
Jboss EAP Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Critical
CVE-2019-14540
Jboss EAP Deserialization of Untrusted Data Vulnerability
Critical
CVE-2019-16943
Jboss EAP Deserialization of Untrusted Data Vulnerability
Critical
CVE-2019-10202
Jboss EAP Deserialization of Untrusted Data Vulnerability
Critical
CVE-2019-10212
Jboss EAP Insertion of Sensitive Information into Log File Vulnerability
Critical
CVE-2018-7489
Jboss EAP Incomplete List of Disallowed Inputs Vulnerability
Critical
CVE-2017-7464
Jboss EAP Improper Restriction of XML External Entity Reference Vulnerability
Critical
CVE-2018-14720
Jboss EAP Deserialization of Untrusted Data Vulnerability
Critical
CVE-2019-14887
Jboss EAP Inadequate Encryption Strength Vulnerability
Critical
CVE-2019-14893
Jboss EAP Deserialization of Untrusted Data Vulnerability
Critical
CVE-2019-14892
Jboss EAP Deserialization of Untrusted Data Vulnerability
Critical